Hey there, last week I came across a weird, but working, way of injecting HTML into an iframe through Javascript. It turns out that with this method the HTTP Referer is not sent. Here is the code http://pastie.org/5581593 (tested on Chrome, not sure about other browsers) Does someone have any clue on how does it works?

Branch

• Home

• Sign up Log in

Giuseppe Gurgone wants to talk about

iframe + js src = No HTTP Referer. How does it works?

Giuseppe Gurgone

Hey there,

last week I came across a weird, but working, way of injecting HTML into an iframe through Javascript.

It turns out that with this method the HTTP Referer is not sent.

Here is the code pastie.org (tested on Chrome, not sure about other browsers)

Does someone have any clue on how does it works?

#5581593 - Pastie pastie.org

• (Tip: Highlights go away when you edit!)
• Save
• Cancel

Tweet · 2012-12-27 09:29:49 UTC

Press ⌘CTRL+C to copy a link to this post.

This branch has news posts. View them?

Great conversation?

Share it with friends!

Tweet

branch

×

Uh oh! We encountered an error.

Please refresh the page and try again.

×

×

• Nevermind

Do you want to link to your account?

Yes!

No, thanks

×

← Back

Sign in with Twitter

If you signed up without Twitter, log in here →

Use your email

×

Can you do us a favor?

For now, you can only register or log in to Branch in Safari.

Tap and hold to copy link

and paste in Safari

Tap and hit 'Open in Safari'

×